package com.woniuxy.utils.commons;


import com.woniuxy.controller.info.UserInfo;
import com.woniuxy.dao.AccountDao;
//import com.woniuxy.dao.ResourceDao;
import com.woniuxy.dao.ResourceDao;
import com.woniuxy.model.Account;
import com.woniuxy.utils.ObjectRedisTemplate;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.ObjectUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.concurrent.TimeUnit;

@Component
@Aspect
public class RuleValiDateAspect {

    @Resource
    private ObjectRedisTemplate ort;
    @Resource
    private ResourceDao resourceDao;
    @Resource
    private AccountDao accountDao;
    private AntPathMatcher apm = new AntPathMatcher();

    @Before("@annotation(com.woniuxy.utils.commons.Acc)")
    public void valiDateRule() {
        //获取当前请求的uri
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        String uri = request.getRequestURI();
        //从redis中获取值
        Integer accountId = (Integer) request.getSession().getAttribute("AccountId");

        UserInfo userInfo1 = ort.get("Account:info:id:" + accountId, UserInfo.class);
        if (ObjectUtils.isEmpty(userInfo1)) {//如果已过期再存一次

            Account account = accountDao.selectById(accountId);
            List<String> resourceUri = resourceDao.findResourceUri(accountId);
            UserInfo userInfo = new UserInfo();
            userInfo.setAccountId(accountId);
            userInfo.setAccountUsername(account.getAccountUsername());
            userInfo.setUris(resourceUri);

            ort.opsForValue().set("Account:info:id:" + accountId, userInfo, 60 * 60, TimeUnit.SECONDS);
            UserInfo userInfo2 = ort.get("Account:info:id:" + accountId, UserInfo.class);
            //获取resources
            List<String> resources = userInfo2.getUris();
            boolean b = false;
            for (String res : resources) {
                if (apm.match(res, uri)) {
                    b = true;
                    break;
                }
            }
            if (!b) {
                throw new AccessDeniedException("未授权");
            }
        } else {
            //获取resources
            List<String> resources = userInfo1.getUris();
            boolean bool = false;
            System.out.println(resources);
            for (String res : resources) {
                if (apm.match(res, uri)) {
                    bool = true;
                    break;
                }
            }
            if (!bool) {
                throw new AccessDeniedException("未授权");
            }
        }
    }
}
